Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Server | Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 |
X-Powered-By | Coffee |
Content-Security-Policy | default-src 'self'; img-src 'self' www.google-analytics.com; script-src 'self' 'unsafe-inline' www.google-analytics.com cdn.ampproject.org; font-src 'self' fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/; style-src 'self' 'unsafe-inline' fonts.googleapis.com maxcdn.bootstrapcdn.com/font-awesome/; connect-src 'self' wss://socket.bitvavo.com 3p.ampproject.net www.google-analytics.com; |
X-Content-Security-Policy | default-src 'self'; img-src 'self' www.google-analytics.com; script-src 'self' 'unsafe-inline' www.google-analytics.com cdn.ampproject.org; font-src 'self' fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/; style-src 'self' 'unsafe-inline' fonts.googleapis.com maxcdn.bootstrapcdn.com/font-awesome/; connect-src 'self' wss://socket.bitvavo.com 3p.ampproject.net www.google-analytics.com; |
X-WebKit-CSP | default-src 'self'; img-src 'self' www.google-analytics.com; script-src 'self' 'unsafe-inline' www.google-analytics.com cdn.ampproject.org; font-src 'self' fonts.gstatic.com https://maxcdn.bootstrapcdn.com/font-awesome/; style-src 'self' 'unsafe-inline' fonts.googleapis.com maxcdn.bootstrapcdn.com/font-awesome/; connect-src 'self' wss://socket.bitvavo.com 3p.ampproject.net www.google-analytics.com; |
Cache-Control | max-age=0 |
Expires | Thu, 18 Jan 2018 12:33:43 GMT |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Referrer-Policy | no-referrer |
X-Frame-Options | DENY |
Expect-CT | enforce,max-age=84600, report-uri="https://bitvavo.report-uri.com/r/d/ct/reportOnly" |
X-Cache | Miss from cloudfront |
Via | 1.1 c1e7619081dec7d3b54748e60a26e48d.cloudfront.net (CloudFront) |
X-Amz-Cf-Id | tOQNhtL6qXDsBu34oA2_UQ3dt_ASOgVujkxwoOJz8XwonLx8LGdCaA== |